Cyber security, infotech
As zero-day exploits become increasingly common, keeping the kernel up to date is a top priority.
In CentOS 6.x/7.x and RHEL 6x./7.x, upgrading the Linux Kernel is a painful procedure which requires about a dozen steps. On Fedora, all it takes is a time-saving two-liner. You don’t need to concern yourself with the configuration of the grub boot manager, which is a frequent source of trouble on CentOS and RHEL.
If you launch an instance from the official CentOS or RHEL 7.x AMI on AWS, you will be running kernel 3.1 as of this writing. That’s not a good idea. You can easily take advantage of improved security features of newer kernels that are already available in a stable release. The renowned Linux kernel maintainer Greg Kroah-Hartman released the Linux Kernel 4.14.15, which includes important fixes for Spectre & Meltdown. Here is how to update your Linux kernel from 3.1 to 4.16.11 in place.
[Updated 2018-06-11.] You can assign multiple IP addresses to an EC 2 instance. Here is a brief summary that will get you started on using the most recent AWS capabilities.
The AWS Command Line Interface (CLI) is a set of tools AWS provides to allow you to administer your AWS cloud infrastructure and other services in the command line on Windows, Mac and Linux. Installing them is quick and easy. Here is a quick guide to get you started.
In order to figure out how many days your letsencrypt certificates have left, you could check an online services such as:
https://www.ssllabs.com/ssltest/index.html
However, that won’t work for a mail server that’s not also running a web server using the same certificate.
In this case, your best bet is to check the certificate file directly using the openssl command as follows:
openssl x509 -noout -dates -in /etc/letsencrypt/live/smtp.yourmailserverdomainname.com/cert.pem